A JNLP app that uses JavaFX (that uses <jfx:javafx-runtime version="2.2+"/> tag in its <resources> element) does not take into account certificates from Windows Certificate store.

The JNLP app is hosted on a server that uses an SSL certificate that is issued by an internal Certification Authority (CA). When Java establishes the connection to the server, it cannot find a trusted root certificate and displays a security warning dialog with the message “The connection to this website is untrusted” and asks the user to confirm they trust the certificate.

The root certificate of the CA is installed into "Trusted Root Certification Authorities" store in the Windows trust store.

Regular Java Web Start apps (JNLP) as well as applets load the certificates from the Windows trust store and no security warning is displayed: the SSL certificate of the server is trusted because Java can find a trusted root certificate. It's the expected behaviour.

But it does not happen if the app uses JavaFX.
Only JavaFX apps are affected.